Tokenize With Multiple Payment Processors

June 6, 2019

An order management service (OMS) website allows customers to order items from multiple companies. Each customer order may contain items from multiple companies. The OMS breaks-up the customer order and forwards individual orders to each company. Each company uses a different payment processor.

Goal

Remove credit cards from the order management service’s environment while providing each company with a token specific to their payment processor.

Solution

The order management service (OMS) uses an HTML iFrame.

The OMS uses the processor-specific tokens in the company order.

The OMS does not need to integrate with each payment processor — just integrate with the AuricVault® service. The single Token Swap interface reduces integration complexity.

  • The OMS uses an embedded iFrame hosted on Auric's PCI-compliant servers to collect and tokenize the customer’s credit card number.
  • The OMS then makes multiple calls to the AuricVault® service and uses the Token Swap option to create processor-specific tokens for each company.
  • The OMS provides tokenized order requests for each payment processor from a single AuricVault® token.

Data Flow

Token Swap dataflow.

 

The Token Swap data flow.

The company has already created AuricVault® tokens while collecting inbound orders.

  1. The Order Management service sends an AuricVault® token to the AuricVault® Token Swap option and requests a token for a specific payment processor.
  2. The Token Swap option detokenizes the credit card account number, forwards it to the proper payment processor, and receives a processor-specific token back.
  3. The AuricVault® service returns the processor-specific token to the Order Management service.
  4. The Order Management service forwards the order containing the processor-specific token to the appropriate company.

Security

The AuricVault® service's Token Swap option completely removes the credit card number from the OMS data flow. The end company receives the secure payment-processor specific token.

Technologies Used

  • Tokenization
  • Data Separation
  • Browser-side embedded iFrame and JavaScript
  • The Token Swap option

Have Questions?

Contact Us

1,000 character limit.

By submitting your name, email address, phone number, and message, you are permitting us to contact you by these means in response to your inquiry or feedback. You also acknowledge that you have read our Privacy Statement and that you consent to our processing data in accordance with it.